IBM WebSphere MQ 7.1 < 7.1.0.5 / 7.5 < 7.5.0.3 Multiple Vulnerabilities

This script is Copyright (C) 2014-2015 Tenable Network Security, Inc.


Synopsis :

The remote Windows host has a service installed that is affected by
multiple vulnerabilities.

Description :

The version of IBM WebSphere MQ server 7.1 / 7.5 installed on the
remote Windows host is missing fix pack 7.1.0.5 / 7.5.0.3 or later. It
is, therefore, affected by the following vulnerabilities :

- An information disclosure vulnerability exists due to a
failure to sanitize user-supplied input in the MQ
Telemetry component, resulting in path traversal outside
of a restricted path. A remote attacker can exploit
this, using a URI request, to view any file readable by
the 'mqm' user. (CVE-2013-4054)

- An unspecified information disclosure vulnerability
exists in IBM Java related to the Libraries component.
A remote attacker can exploit this to obtain sensitive
information. (CVE-2013-5780)

Note that the fix list for fix pack 7.5.0.3 shows that several APARs
have a security or integrity exposure (IC93986, IC94287, IC94453,
IC94752, IC97555). It is not known whether any of these APARs
correspond with the information disclosure vulnerability in the
Telemetry component or to what extent they represent actual security
issues.

See also :

http://www.nessus.org/u?af978a19
http://www.nessus.org/u?f8563017
http://www-01.ibm.com/support/docview.wss?uid=swg21664550
https://www-304.ibm.com/support/docview.wss?uid=swg21671933
http://www-01.ibm.com/support/docview.wss?uid=swg27038184#7503

Solution :

Apply fix pack 7.1.0.5 / 7.5.0.3 or later.

Risk factor :

Medium / CVSS Base Score : 4.3
(CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N)
CVSS Temporal Score : 3.7
(CVSS2#E:ND/RL:OF/RC:C)
Public Exploit Available : false

Family: Windows

Nessus Plugin ID: 73103

Bugtraq ID: 65897, 63115

CVE ID: CVE-2013-4054, CVE-2013-5780
